Electronic networks originally incorporated similar types of devices specifically designed to communicate with one another. Perhaps the earliest type of network was the telephone system, which allows each handset to communicate with other, identical handsets through a switch. The earliest computer networks consisted of a terminals which were designed to communicate with a mainframe or host computer, thus allowing numerous terminals to use the resources of the host.
Over the years, however, the distinction between computer networks and phone networks has become blurred. Phone networks now allow computers to communicate with each other and, networks of computers now facilitate telephonic communicates. Companies use internal computer and telephonic networks to support office functions, and these internal networks are further connected to the wide-area networks and the Internet via telephone lines or other links. Such configurations allow computing and communication devices to communicate with other types of devices across a broad range of configurations. Other existing network variations include cellalar telephone networks, automated teller machines and various private communications systems used in business and commerce. By far the most rapidly expending network is the Internet, which is actually a collection of computer networks interconnected by a protocol known as TCP/IP. The current growth of the Internet is estimated at about a million new users each month. These new users include sophisticated computer and business users as well as home owners, students and children.
Advances in technology have added many new devices which can be hooked to computer networks and telephone networks including cellular telephones, printers, fax machines, automatic teller machines, cash registers or point of sale devices, and numerous other types of devices with new devices being added on an almost daily occurrence. With all of these devices seeking to communicate with one another, security has become a more and more important aspect of any type of network. In a client-server architecture, for example, a plurality of clients are typically in communication with an individual server. One problem that arises is whether a particular client has the right to communicate with the server, and at what level of privilege the communication should be allowed. When clients are attempting to communicate with other clients, the problem is similar, but the security issues become more complex. In some situations, the communications are directly between the clients, i.e. peer-to-peer communications. In other circumstances, the communications are routed through the server, i.e. from client A to the server and then from the server to client B. The numerous techniques for controlling access to both the clients and the servers and protecting the communication between the attached devices have included such techniques as passwords, encryption and various other methods for establishing the authenticity and identity of the clients and the servers and other devices.
In an effort to allow electronic or computing devices to communicate with one another, a system of addresses was devised, called IP addressing, in which sets of numbers are assigned to various manufacturers, these addresses being encoded into the devices themselves. Other sets of IP addresses are allocated to the registered owner of various types of networks. These addresses are allocated to devices which are attached to the network (i.e., a personal computer attached to a local area network). In this fashion, devices attached to the network can send information to other devices attached to the network by using this IP address. This does not assure that the message arrives at the desired device, but, rather, allows the initiating device to broadcast the message generally to the network and hopefully the recipient device is listening for a message with its IP address attached to the message.
Numerous difficulties have also arisen by simply having disparate equipment attached to a common network backbone. At a low level, these problems include different protocols (i.e., TCP/IP, NetBUI, NetBIOS, SNA, BNA, etc.) attempting to communicate with one another. At a higher level, the problems include different types of encryption schemes, different character sets (i.e., ASCII, EBCIC, etc.), different electrical specifications (i.e., 802.1, etc.) and so forth. Along with the differences in equipment are differences in uses of the systems themselves, which may include banking systems, telecommunication systems, office networks, wide area networks, cellular phone networks, cable television networks, and various types of e-commerce usages. Each of these systems retains its own unique characteristics, even when operating across the same medium.
In the client-server environment, passwords are typically used to identify the clients to the server, and this, in turn, establishes the authenticity of the person attempting to communicate with the server. Other techniques for identifying oneself to the server would be through use of encryption. These encryption schemes have typically used public keys and private keys which are generated on the server to allow the clients to identify themselves to the server. In this fashion, the clients and the servers negotiate with one another prior to establishing a link or dialog. In order to allow servers to connect to other servers, typically a name server may be established which lists all other servers and defines the privileges allowed between the servers.
One system for addressing the communications problem between clients was addressed at MIT in a system entitled Kerberos. In this system, a client requests to a particular server permission to speak to another client. The server returns to the requesting client a key which that client is to use when attempting to communicate with the receiving client. The server also sends that same key to the intended recipient in order for the recipient client to identify that a communication will be arriving at that recipient client, and if the communication contains that key, then it should be safe for the receiving client to communicate with that initiating client. The server also instructs the initiating client of the path to follow to get to that receiving client. One drawback with the Kerberos system is that if a malicious observer monitors the transmissions between the initiating client and the server and obtains valid keys from that server when they are sent from the server to the initiating client. Other problems include delayed transmissions, which have been addressed with some success through time-stamping.
Other systems which have experienced a great deal of inventive effort are banking systems, which typically include automatic teller machines connected to a central computer through a variety of techniques. The security in such systems is absolutely critical, and encryption and various other techniques have been used with a good deal of success. Some banking systems operate on dedicated lines which run from the ATMs to the central computer, thereby simplifying the problems of security. Even with these security systems in place, the transmissions are encrypted and also use considerable authentication from point to point.
In telecommunications, systems have been devised to verify the identity of the initiating phone call, verify the personal ID number of the person initiating a cellular call, distinguish the rights of a call initiator from a cell phone which is operating outside of its normal operating cell, perform caller identification for regular and cell phone telecommunication systems, block certain types of calls for both cellular and regular phone systems, and numerous other techniques which are currently being implemented.
In the field of e-commerce or electronic commerce (commerce transacted over the Internet), there are currently systems in place which enable secure transmission of information and to verify transactions. Systems have also been implemented which permit specific users to connect to specific sites, while excluding other persons from specific sites. In the present World Wide Web environment, new techniques are also being developed for sending certified mail and secure e-mail, which involve the verification of rights to send and the verification of rights to receive a particular message.
Each of these areas of network communication provide numerous benefits to the public in general, but each system also come with risks. One risk is that the information received across the network is either altered or false communications are sent directly to a receiving device. In systems as currently implemented, an overall problem is that the receiving client must be present when the transmission from the sending client is initiated. In e-mail systems, one well-known shortcoming is that the e-mail is transmitted from the sending client to the server, and then to the receiving client. It would be beneficial for the message to be sent directly from the sender to the receiver, thereby eliminating in large portion the problems of corruption of the message. It would also be beneficial to have a system which addressed the issues of devices attempting to communicate with incompatible devices where at least one of the devices has the ability to convert the communication to a compatible communication.